Subject: Re: insufficient entropy for rnd
To: Daniel Carosone <email@example.com>
From: Greg Troxel <firstname.lastname@example.org>
Date: 08/25/2003 12:55:22
> rnd(4) seems a bit schizophrenic about whether it trusts things like
> hash functions or not.
How so, other than the estimator? (which is hopelessly bogus, but
at least can't be any less paranoid than a user asking for /dev/random
Basically, I was commenting on the notion of having 'full entropy'
bits as the prime commodity via /dev/random, v.s. second-class bits
from /dev/urandom. If the seed has enough entropy, and the hash
construction and the hash are sound, then the multiple outputs should
all be unguessable and independent. Being deeply worried about having
full-entropy bits (which Yarrow is not) to me indicates a distrust of
the hash function. But, rnd depends critically on using the hash
function for mixing in bits.
Greg Troxel <email@example.com>